security

Database could decrease crimes {2}

by Ricardo C
This article talks about how a database could reduce crimes. According to the article, an average of 40% of robberies involve cell phones. The majority of these robberies are violent and with serious injuries. The database promises that wireless providers will deactivate your mobile device if you report it stolen. The major wireless providers of USA sprint, AT&T, Verizon and T-Mobile are participating in this database with the purpose to decrease the desire of thieves for stealing mobile devices. Since after deactivating the devices they become as useless as an empty wallet, there is no incentive to steal them. Thieves steal these devices with the intention of reselling them, most likely overseas. According to the article, these four companies mentioned earlier account for the 90% of mobile devices in the USA which mean that this centralized database will cover the majority of the cell phones currently in use. This database will be in effect within six months in the USA and within 18 months globally.
Besides the centralized database, authorities are promoting customers to educate themselves about the use of personal data on mobile devices. Some of these advices are to keep your divides password protected, write down your device’s model and serial number, etc. The article did not disclose the cost of these initiative but certainly the concern here isn’t cost. read more...

Cloud Security {2}

by Han C
Onsite resources are not the only ones in need of protection anymore. Every day new methods of cloud computing are being introduced and adopted by companies of all sizes, all over the world. That’s the beauty of the cloud. You can access it from just about anywhere but so can the bad guys. The article I researched discusses the importance of security in the cloud environment. It even states that “cloud computing is subject to the same threats as traditional dedicated hosting and in-house computing” meaning that hackers are able to prey on weak or unsecured passwords just the same and customers or end users need to be warned. Adopters of cloud technologies should learn how things work before going full throttle into adoption. This test drive can provide the IT department with insight into system integration and a greater understanding of how to mitigate risks within their infrastructure. read more...

Stormy Cloud or Clear Skies? {4}

by Abel R

Cloud computing refers to data storage on remote servers so that the data is available anywhere and anytime. This is concept of cloud computing, but there lies security concerns over how safe your information is. My article points out that in reality you have  no idea who is managing the computers with your information. You have no idea where they are. You have no idea what protections may or may not be in place to make sure your information is not stolen or disclosed or that it does not accidentally disappear.Another issue at hand is reliability, for example if a server crashes or is hacked into, your personal / private data can disappear. Lastly,the article talked about privacy issues within cloud computing. In the US for example, the article mentions that the legal standards are soft and the government can obtain your data without you knowing. read more...

The Translucent Cloud {1}

by Robert T
Technology is moving quicker than ever in today’s day and age, and you can’t discuss the ever fast pace of technology without bringing to light the concerns of security. In Jon Udell’s, “The Translucent Cloud: Balancing Privacy, Convenience,” Udell expresses his concern with the cloud services and trust of the end user. In the past, every time a user would like to save or back up precious information, they would simply save it to a tangible object. Something that was right in front of them. Something the user could look at and think, “this is where I keep everything that is important to me.” Something they would know could be safe, and under certain restrictions could never be touched. But how safe is our information now that its in the hands of the providers we blindly trust? read more...

Cloud Computing In Health Care Data {2}

by Jorge R
The topic of my article is about implementing cloud computing into personal health care. The author explains that personal health records are (PHR) has increased in the recent years, this allows the patient to create, manage and control their personal health records through the internet. Using the internet has made it possible to easily access their data. Using the internet to access their personal files has made it possible for the patient to share their data to an health care provider, family members, and friends. Due the high cost of building and maintaining a PHR server companies have started to outsource to a third party cloud server. There is great debate over using these services due to privacy concerns and personal health records that are being exposed to unauthorized parties. A method to try and combat these issues is to ensure the patients have access to their files and an encryption process from the user to the cloud server. In order to ensure proper encryption from server to patient and vice versa, the article suggest on using a novel patient centric framework to a set of mechanisms for data access control. This ensures proper security measures when using a semi trusted cloud server. To achieve fine gain and scalable data access for PHRs the author suggests using (ABE) encryption measures to encrypt the patient’s files. This article does a good job when analyzing and explaining different measures in trying to ensure the highest level of security for the customers. read more...

The Cloud and its Security Concerns {3}

by Daniel S
This article talked about the security concerns of cloud computing, and what the Fraunhofer
Research Institution is trying to do about it. The Fraunhofer Institute has come up with an idea
called “The Cloud Center Control,” where it controls and monitors all traffic going through
the cloud. Security is a big concern for any computer users using public networks to share
information with other people. The Fraunhofer Institute has created the OmniCloud software
to counter the security issues for users that go through the cloud. The software ensures that
any packet being sent through the cloud will be encrypted. The Frauhofer Institute knows
that it cannot secure every package/ information that is being sent through the cloud, because
technology always changes and cyber crimes get more advanced as time progresses. read more...

Security Vulnerabilities With Cloud Computing {1}

by Daniel S
Cloud is composed of two sections – the user and the cloud. Cloud is possible due to “virtualization” which is the cloud’s central technology. Software-as-a-service (SaaS) is the most common form of cloud. Just Enough Operating System (JeOS) is another form of cloud where cloud handles most of the users tasks. Cloud computing has many security concerns. The following are all areas of concern for cloud’s security: XML signatures, browser security, denial of service, reputation fate sharing, side channel, loose control over data, and dependence on internet. XML signatures are used to ensure the authenticity of data within the “simple object access protocol (SOAP)”. This is an area for security concern because an attacker can duplicate a fragment of XML and add additional codes to control the computer to do what the attacker wants it to do. This is called “wrapper attack”. Browser security is another problem. Often times, “phishing” is used to steal log in information. Denial-of-Service (DOS) attacks happen when the attacker overloads the server with so many requests that the server ends up having too many requests to tend to and gets slowed down. Reputation fate sharing is where one hardware is shared amongst many users. Security risk depends on how it is abused by the users. Side channels is where information is channeled from one machine to another. Loosing control over data is another security risk. With PCs, there is control over how data is stored. With cloud, a third party is in total control of the data storage on the server. There has to be a certain level of trust between the user and the provider. The user has to trust the provider not to share information stored on the server and especially not to sell the information to other third parties. Dependence of the Internet increases as application numbers increase and the more we use cloud. This can be a security issue because if there is a major virus out, it could disable the Internet for many users. read more...

Cloud Computing Data Storage and Security {Comments Off on Cloud Computing Data Storage and Security}

by Michael V
The article written by Lara Farra describes the benefits in contrast to the risks of cloud computing. Cloud computing is described to be a method of moving data that was previously stored in your own personal computer to be stored in someone else’s servers in order to reduce hardware costs or to access them on any device with an internet connection. Despite the convenience of cloud computing, the author points out three major flaws in the system: security, server availability, and privacy. Many of these concerns are related to hackers who are expected to pose a major threat to the security of the client’s data, as cloud computing servers are growing to become serious targets for hackers who want to extract people’s information. The lack of laws regarding cloud computing also fails to set a suitably high standard for these data storage companies, and also allows for the government to easily attain information through these servers. read more...

Cloud security {5}

by Daniel M
The article that i read was about how companies and IT professionals feel about the security of cloud computing. Cloud computing allows for flexibility in access to a companies data and allows the employees to have access to the data at home without physically taking the data out of the companies building on a storage device. The problem is how secure the data is on the cloud and what information do you trust to another company to store and back up for you. The article says that 46% of companies trust cloud services with a moderate amount of data and only 13% of the companies trusted it with a heavy amount of data. 54% of the companies that were polled said that cloud computing security is a top priority. The companies had a list of things that they would not trust to a cloud service and 58% said that they would not trust their financial data to a cloud service. The next highest was 56% said that they would not put credit card information on the cloud either. The article also talks about how 72% of all cloud users do not have the tools to audit the cloud environment. read more...

Careful Who You Give Your Information too, Online Databases are Not Always Safe. {3}

by Vincent S
As providing information has become second nature to us as most if not all modern services are becoming electronic, we sometimes forget how there are people in the world who are capable and willing to exploit such information.  This past week, YouPorn.com suffered one of the largest data breaches in internet pornography history.  An investigation conducted by the FCC concluded that the web site had a improperly functioning link that allowed for a hacker to return values from a user information database.  In a past post I talked about SQL injections and how programmers can use that to return values stored in a database.  This is what a hacker did this past week to the website due to their faulty link which enabled him to do this.  The FCC commented that there were surprised this was not discovered sooner as the investigation results showed that the link has been up since 2007.  Consequently, the offending hacker posted a a blog site that contained the full names and addresses of users of the website YouPorn.com.  It was first discovered by a spouse of one its site members as a simple google search will reveal a blog site where users’ personal information is publicly displayed. read more...